fix: trivy failure in codeql action (#211)

* fix: trivy failure in codeql action

Signed-off-by: Vishal Choudhary <[email protected]>

* feat: bump trivy

Signed-off-by: Vishal Choudhary <[email protected]>

---------

Signed-off-by: Vishal Choudhary <[email protected]>

Author: vishal-chdhry

Diff for: .github/workflows/codeql.yaml

@@ -27,7 +27,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # v0.17.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
         with:
           scan-type: fs
           ignore-unfixed: false
@@ -37,8 +37,12 @@ jobs:
           scanners: vuln,secret
           exit-code: '0'
           vuln-type: os,library
+        env:
+          # Trivy is returning TOOMANYREQUESTS
+          # See: https://github.com/aquasecurity/trivy-action/issues/389#issuecomment-2385416577
+          TRIVY_DB_REPOSITORY: 'public.ecr.aws/aquasecurity/trivy-db:2'
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7
         with:
           sarif_file: trivy-results.sarif
-          category: code
+          category: code